Rpm_package resource try to upgrade instead of to install


I’m trying to install a package but instead of to install the package, the rpm_package resource try to upgrade the rpm even though I’ve set the action to :install. As you can see below, -U option is used, aside from -ivh that I’ve added. Can someone explain why this happen?

---- Begin output of rpm -ivh -U /var/chef/cache/httpd-2.4.29-1.pb.x86_64.rpm ----
STDERR: error: Failed dependencies:
httpd = 0:2.4.29-1.mc is needed by (installed) mod_ssl-1:2.4.29-1.mc.x86_64
---- End output of rpm -ivh -U /var/chef/cache/httpd-2.4.29-1.pb.x86_64.rpm ----
Ran rpm -ivh -U /var/chef/cache/httpd-2.4.29-1.pb.x86_64.rpm returned 1

Resource Declaration:
# In /var/chef/cache/cookbooks/farmWebLayer/recipes/apache.rb

 42: rpm_package 'httpd-2.4.29-1.pb.x86_64' do
 43:   source "#{Chef::Config[:file_cache_path]}/httpd-2.4.29-1.pb.x86_64.rpm"
 44:   action :install
 45:   options "-ivh"
 46: end

Compiled Resource:
# Declared in /var/chef/cache/cookbooks/farmWebLayer/recipes/apache.rb:42:in `from_file'

rpm_package("httpd-2.4.29-1.pb.x86_64") do
  package_name "httpd-2.4.29-1.pb.x86_64"
  action [:install]
  retries 0
  retry_delay 2
  default_guard_interpreter :default
  declared_type :rpm_package
  cookbook_name "farmWebLayer"
  recipe_name "apache"
  source "/var/chef/cache/httpd-2.4.29-1.pb.x86_64.rpm"
  options "-ivh"
  version "2.4.29-1.pb"



rpm -U does the same thing as rpm -i but is safer. From the man pages


rpm {-U|–upgrade} [install-options] PACKAGE_FILE …
This upgrades or installs the package currently installed to a newer version. This is the same as install, except all other version(s) of the package are removed after the new package is installed.

There is almost no reason to use -i. If you use action :install chef will always use -U.


Hi spuder,
I already know that man page, but if rpm has two distinct options for that kind of operation, it has no sense to define the same two different actions (install and upgrade) on the rpm_package resource but doing the same thing.

Thus, the rpm_package action INSTALL shall simply install a package like -i option does in rpm command, while the UPGRADE action shall correspond to the -u option of the rpm command. Otherwise just provide the only ACTION UPGRADE.

But in some scenario, users want to simply install (-i) and do not upgrade (-u).

Two different behaviors of the rpm options should be reflected on rpm_package actions as well. What do you think?



rpm -i is dangerous because it will not replace obsoleted packages. Every install documentation I’ve ever seen for RHEL based packages has recommended using rpm -U.

Consider the mysql install documentation. They warn against using rpm -i and instead recommend using rpm -U


Since rpm -U does the exact same thing as rpm -i, but is safer, the cookbook chooses the safer option.

I know it seems counter intuitive to ‘upgrade’ a package instead of ‘installing’ it. This is something that the rpm developers chose, and is considered best practice.

The only time you want to use -i is when installing a kernel rpm and you want to leave your old kernel in place in case the new kernel will not boot.